www.fxgfvbfgbh.de.rs Open in urlscan Pro
88.198.22.168 Malicious Activity! Public Scan

URL:
https://www.fxgfvbfgbh.de.rs/
Submission: On July 08 via manual (July 8th 2020, 10:03:10 am UTC) from TW

Summary HTTP 41 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 8 domains to perform 41 HTTP transactions. The main IP is 88.198.22.168, located in Nuremberg, Germany and belongs to HETZNER-AS, DE. The main domain is www.fxgfvbfgbh.de.rs.
TLS certificate: Issued by Let's Encrypt Authority X3 on May 9th 2020. Valid for: 3 months.

This is the only time www.fxgfvbfgbh.de.rs was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

	IP Address	AS Autonomous System
26	88.198.22.168 88.198.22.168	24940 (HETZNER-AS) (HETZNER-AS)
4	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f01... 2a03:2880:f017:4:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1 3	199.188.200.186 199.188.200.186	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:819::2003	15169 (GOOGLE) (GOOGLE)
2	176.9.157.130 176.9.157.130	24940 (HETZNER-AS) (HETZNER-AS)
1	2606:4700:20:... 2606:4700:20::ac43:46e9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	67.202.94.93 67.202.94.93	32748 (STEADFAST) (STEADFAST)
2	185.225.208.133 185.225.208.133	13213 (UK2NET-AS) (UK2NET-AS)
41	10

26 88.198.22.168 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: page-tech.de

www.fxgfvbfgbh.de.rs	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f017:4:face:b00c:0:1 (Ireland)

ASN32934 (FACEBOOK, US)

scontent-tpe1-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 199.188.200.186 (Los Angeles, United States) 1 redirects

ASN22612 (NAMECHEAP-NET, US)

kbcz.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 176.9.157.130 (Germany)

ASN24940 (HETZNER-AS, DE)

www.page-stats.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:46e9 (United States)

ASN13335 (CLOUDFLARENET, US)

get.geojs.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.202.94.93 (Chicago, United States) 2 redirects

ASN32748 (STEADFAST, US)

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.225.208.133 (Germany)

ASN13213 (UK2NET-AS, GB)

widgets.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	de.rs www.fxgfvbfgbh.de.rs	598 KB
5	googleapis.com maps.googleapis.com fonts.googleapis.com	122 KB
4	amung.us 2 redirects whos.amung.us widgets.amung.us	3 KB
3	kbcz.xyz 1 redirects kbcz.xyz	502 KB
2	page-stats.de www.page-stats.de	23 KB
2	gstatic.com fonts.gstatic.com	23 KB
1	geojs.io get.geojs.io	792 B
1	fbcdn.net scontent-tpe1-1.xx.fbcdn.net	12 KB
41	8

	Domain	Requested by
26	www.fxgfvbfgbh.de.rs	www.fxgfvbfgbh.de.rs
4	maps.googleapis.com	www.fxgfvbfgbh.de.rs maps.googleapis.com
3	kbcz.xyz	1 redirects www.fxgfvbfgbh.de.rs
2	widgets.amung.us
2	whos.amung.us	2 redirects
2	www.page-stats.de	www.fxgfvbfgbh.de.rs
2	fonts.gstatic.com	www.fxgfvbfgbh.de.rs
1	get.geojs.io	www.fxgfvbfgbh.de.rs
1	fonts.googleapis.com	www.fxgfvbfgbh.de.rs
1	scontent-tpe1-1.xx.fbcdn.net	www.fxgfvbfgbh.de.rs
41	10

This site contains no links.

Subject Issuer	Validity	Valid
websitebutler.de Let's Encrypt Authority X3	`2020-05-09` - `2020-08-07`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-05-14` - `2020-08-05`	3 months	crt.sh
kbcz.xyz Sectigo RSA Domain Validation Secure Server CA	`2020-04-03` - `2021-04-03`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
page-stats.de Let's Encrypt Authority X3	`2020-06-30` - `2020-09-28`	3 months	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-03-21` - `2020-10-09`	7 months	crt.sh
whos.amung.us Sectigo RSA Domain Validation Secure Server CA	`2020-05-21` - `2022-05-21`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://www.fxgfvbfgbh.de.rs/
Frame ID: 101BC3B3F292E19FCCB60C7CD610ACF4
Requests: 43 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Debian (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Debian/i

OpenSSL (Web Server Extensions) Expand

Overall confidence: 100%
Detected patterns

headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

41
Requests

37 %
HTTPS

50 %
IPv6

8
Domains

10
Subdomains

10
IPs

3
Countries

1283 kB
Transfer

2327 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://kbcz.xyz/maiker/location HTTP 301
https://kbcz.xyz/maiker/location/

Request Chain 36

https://whos.amung.us/widget/x40pnut3ur HTTP 307
https://widgets.amung.us/classic/00/2.png

Request Chain 37

https://whos.amung.us/widget/7egqu8r8ba HTTP 307
https://widgets.amung.us/classic/01/113.png

41 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
www.fxgfvbfgbh.de.rs/ 8 KB
3 KB 409ms
186ms Document
text/html 88.198.22.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fxgfvbfgbh.de.rs/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.198.22.168 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: page-tech.de
Software: Apache/2.4.10 (Debian) OpenSSL/1.0.1t /
Resource Hash: 1400720a4b106b6514fa36ec765a0331eca0463c2a8c3f2cce600d97f03fc7fb

Request headers

Host: www.fxgfvbfgbh.de.rs
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 08 Jul 2020 10:02:50 GMT
Server: Apache/2.4.10 (Debian) OpenSSL/1.0.1t
Set-Cookie: wid=crh0jioab92go9epkp75tdjh96; path=/; domain=.fxgfvbfgbh.de.rs
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2947
Keep-Alive: timeout=15, max=180
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK default.css
www.fxgfvbfgbh.de.rs/css/webcard/ 55 KB
9 KB 70ms
65ms Stylesheet
text/css 88.198.22.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fxgfvbfgbh.de.rs/css/webcard/default.css?t=1562503770
Requested by: Host: www.fxgfvbfgbh.de.rs
URL: https://www.fxgfvbfgbh.de.rs/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.198.22.168 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: page-tech.de
Software: Apache/2.4.10 (Debian) OpenSSL/1.0.1t /
Resource Hash: df2e60bba2260f0a09d596f8d763cac597a866e0797b064d90cc5f7cf6521f80

Request headers

Referer: https://www.fxgfvbfgbh.de.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 08 Jul 2020 10:02:50 GMT
Content-Encoding: gzip
Last-Modified: Fri, 10 May 2019 15:19:49 GMT
Server: Apache/2.4.10 (Debian) OpenSSL/1.0.1t
ETag: "dc78-5888a18f30f40-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=179
Content-Length: 9279
Expires: Fri, 07 Aug 2020 10:02:50 GMT

GET
H/1.1 200
OK buttons.css
www.fxgfvbfgbh.de.rs/css/webcard/ 36 KB
4 KB 138ms
65ms Stylesheet
text/css 88.198.22.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fxgfvbfgbh.de.rs/css/webcard/buttons.css?t=1562503770
Requested by: Host: www.fxgfvbfgbh.de.rs
URL: https://www.fxgfvbfgbh.de.rs/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.198.22.168 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: page-tech.de
Software: Apache/2.4.10 (Debian) OpenSSL/1.0.1t /
Resource Hash: f003ac71cecf83bb9b5646de2ca71e807127128176b5abc60dd507dc8c726569

Request headers

Referer: https://www.fxgfvbfgbh.de.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 08 Jul 2020 10:02:50 GMT
Content-Encoding: gzip
Last-Modified: Sun, 15 Jan 2017 02:32:34 GMT
Server: Apache/2.4.10 (Debian) OpenSSL/1.0.1t
ETag: "9105-54618e124d480-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=178
Content-Length: 3484
Expires: Fri, 07 Aug 2020 10:02:50 GMT

GET
H/1.1 200
OK style.css
www.fxgfvbfgbh.de.rs/css/webcard/minimalist/ 15 KB
4 KB 183ms
60ms Stylesheet
text/css 88.198.22.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fxgfvbfgbh.de.rs/css/webcard/minimalist/style.css?t=1562503770
Requested by: Host: www.fxgfvbfgbh.de.rs
URL: https://www.fxgfvbfgbh.de.rs/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.198.22.168 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: page-tech.de
Software: Apache/2.4.10 (Debian) OpenSSL/1.0.1t /
Resource Hash: 15a468a0899c2afa0b264aabe1992cb23b181f91df3f493f847a95184a06c9b2

Request headers

Referer: https://www.fxgfvbfgbh.de.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 08 Jul 2020 10:02:50 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Jan 2017 08:08:00 GMT
Server: Apache/2.4.10 (Debian) OpenSSL/1.0.1t
ETag: "3d94-5470ef6d7b800-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=180
Content-Length: 3325
Expires: Fri, 07 Aug 2020 10:02:50 GMT

GET
H/1.1 200
OK default.css
www.fxgfvbfgbh.de.rs/css/webcard/minimalist/colors/ 0
368 B 182ms
59ms Stylesheet
text/css 88.198.22.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fxgfvbfgbh.de.rs/css/webcard/minimalist/colors/default.css?t=1562503770
Requested by: Host: www.fxgfvbfgbh.de.rs
URL: https://www.fxgfvbfgbh.de.rs/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.198.22.168 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: page-tech.de
Software: Apache/2.4.10 (Debian) OpenSSL/1.0.1t /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.fxgfvbfgbh.de.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 08 Jul 2020 10:02:50 GMT
Last-Modified: Sun, 15 Jan 2017 02:32:34 GMT
Server: Apache/2.4.10 (Debian) OpenSSL/1.0.1t
ETag: "0-54618e124d480"
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=180
Content-Length: 0
Expires: Fri, 07 Aug 2020 10:02:50 GMT

GET
H/1.1 200
OK font-awesome-4.4.0.min.css
www.fxgfvbfgbh.de.rs/css/ 26 KB
6 KB 183ms
60ms Stylesheet
text/css 88.198.22.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fxgfvbfgbh.de.rs/css/font-awesome-4.4.0.min.css?t=1562503770
Requested by: Host: www.fxgfvbfgbh.de.rs
URL: https://www.fxgfvbfgbh.de.rs/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.198.22.168 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: page-tech.de
Software: Apache/2.4.10 (Debian) OpenSSL/1.0.1t /
Resource Hash: 48e0179cb72f572f7219b5854373ac967445961b5c967cac4f1bdcdd8c046505

Request headers

Referer: https://www.fxgfvbfgbh.de.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 08 Jul 2020 10:02:50 GMT
Content-Encoding: gzip
Last-Modified: Sun, 15 Jan 2017 02:32:34 GMT
Server: Apache/2.4.10 (Debian) OpenSSL/1.0.1t
ETag: "68c3-54618e124d480-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=180
Content-Length: 6088
Expires: Fri, 07 Aug 2020 10:02:50 GMT

GET
H/1.1 200
OK magnific-popup.css
www.fxgfvbfgbh.de.rs/css/ 8 KB
2 KB 194ms
64ms Stylesheet
text/css 88.198.22.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fxgfvbfgbh.de.rs/css/magnific-popup.css?t=1562503770
Requested by: Host: www.fxgfvbfgbh.de.rs
URL: https://www.fxgfvbfgbh.de.rs/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.198.22.168 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: page-tech.de
Software: Apache/2.4.10 (Debian) OpenSSL/1.0.1t /
Resource Hash: 0fbf945eae1c5869be401c6db68da93f5a47f2c1ff6072151ebb4b2dea6d4f62

Request headers

Referer: https://www.fxgfvbfgbh.de.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 08 Jul 2020 10:02:50 GMT
Content-Encoding: gzip
Last-Modified: Sun, 15 Jan 2017 02:32:34 GMT
Server: Apache/2.4.10 (Debian) OpenSSL/1.0.1t
ETag: "1e66-54618e124d480-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=180
Content-Length: 1936
Expires: Fri, 07 Aug 2020 10:02:50 GMT

GET
H/1.1 200
OK flexslider.css
www.fxgfvbfgbh.de.rs/css/ 4 KB
2 KB 194ms
64ms Stylesheet
text/css 88.198.22.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fxgfvbfgbh.de.rs/css/flexslider.css?t=1562503770
Requested by: Host: www.fxgfvbfgbh.de.rs
URL: https://www.fxgfvbfgbh.de.rs/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.198.22.168 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: page-tech.de
Software: Apache/2.4.10 (Debian) OpenSSL/1.0.1t /
Resource Hash: 467863295302de0e4bd9f19be284d506caaa40aa083a4604342975f2f9242860

Request headers

Referer: https://www.fxgfvbfgbh.de.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 08 Jul 2020 10:02:50 GMT
Content-Encoding: gzip
Last-Modified: Sun, 15 Jan 2017 02:32:34 GMT
Server: Apache/2.4.10 (Debian) OpenSSL/1.0.1t
ETag: "f3c-54618e124d480-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=180
Content-Length: 1397
Expires: Fri, 07 Aug 2020 10:02:50 GMT

GET
H/1.1 200
OK custom.css
www.fxgfvbfgbh.de.rs/css/ 0
290 B 241ms
103ms Stylesheet
text/css 88.198.22.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fxgfvbfgbh.de.rs/css/custom.css?
Requested by: Host: www.fxgfvbfgbh.de.rs
URL: https://www.fxgfvbfgbh.de.rs/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.198.22.168 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: page-tech.de
Software: Apache/2.4.10 (Debian) OpenSSL/1.0.1t /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.fxgfvbfgbh.de.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 08 Jul 2020 10:02:50 GMT
Server: Apache/2.4.10 (Debian) OpenSSL/1.0.1t
Content-Type: text/css; charset=utf-8
Cache-Control: max-age=2592000
Connection: Keep-Alive
Keep-Alive: timeout=15, max=177
Content-Length: 0
Expires: Fri, 07 Aug 2020 10:02:50 GMT

GET
H/1.1 200
OK jquery.js Show response
www.fxgfvbfgbh.de.rs/js/ 91 KB
33 KB 248ms
65ms Script
application/javascript 88.198.22.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fxgfvbfgbh.de.rs/js/jquery.js?t=1562503771
Requested by: Host: www.fxgfvbfgbh.de.rs
URL: https://www.fxgfvbfgbh.de.rs/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.198.22.168 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: page-tech.de
Software: Apache/2.4.10 (Debian) OpenSSL/1.0.1t /
Resource Hash: 32c696facdc745fe3f18c62fc0e8e35dbce7dc26261599ad8feeff2456592680

Request headers

Referer: https://www.fxgfvbfgbh.de.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 08 Jul 2020 10:02:51 GMT
Content-Encoding: gzip
Last-Modified: Sun, 07 Jul 2019 12:49:31 GMT
Server: Apache/2.4.10 (Debian) OpenSSL/1.0.1t
ETag: "16dc7-58d16c23b0cc0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=179
Content-Length: 33437
Expires: Fri, 07 Aug 2020 10:02:51 GMT

GET
H/1.1 200
OK form-processing.js Show response
www.fxgfvbfgbh.de.rs/js/ 2 KB
1 KB 243ms
59ms Script
application/javascript 88.198.22.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fxgfvbfgbh.de.rs/js/form-processing.js?t=1562503771
Requested by: Host: www.fxgfvbfgbh.de.rs
URL: https://www.fxgfvbfgbh.de.rs/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.198.22.168 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: page-tech.de
Software: Apache/2.4.10 (Debian) OpenSSL/1.0.1t /
Resource Hash: 8c0268db1f7bff88555607f383fdf5945c0f4b7647e9edaff0c4d708ffe37238

Request headers

Referer: https://www.fxgfvbfgbh.de.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 08 Jul 2020 10:02:51 GMT
Content-Encoding: gzip
Last-Modified: Sun, 07 Jul 2019 12:49:31 GMT
Server: Apache/2.4.10 (Debian) OpenSSL/1.0.1t
ETag: "798-58d16c23b0cc0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=179
Content-Length: 854
Expires: Fri, 07 Aug 2020 10:02:51 GMT

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 118 KB
39 KB 31ms
26ms Script
text/javascript 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyDeIJgtGDGbtc2ID6R-fVtSMffEPvlSbSQ

Requested by

Host: www.fxgfvbfgbh.de.rs
URL: https://www.fxgfvbfgbh.de.rs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

edee3af15748fed9fc8f51995162882bf9378eb2bd8634f3ef76228fdb95e42f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.fxgfvbfgbh.de.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 08 Jul 2020 10:02:50 GMT
content-encoding: gzip
vary: Accept-Language
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=1800
server-timing: gfet4t7; dur=12
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39829
x-xss-protection: 0
expires: Wed, 08 Jul 2020 10:32:50 GMT

GET
H/1.1 200
OK maps.js Show response
www.fxgfvbfgbh.de.rs/js/ 3 KB
2 KB 243ms
60ms Script
application/javascript 88.198.22.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fxgfvbfgbh.de.rs/js/maps.js?t=1562503771
Requested by: Host: www.fxgfvbfgbh.de.rs
URL: https://www.fxgfvbfgbh.de.rs/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.198.22.168 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: page-tech.de
Software: Apache/2.4.10 (Debian) OpenSSL/1.0.1t /
Resource Hash: f1ecb339dc22db4c4840cb2923cf806174d9167b90bbf424bed871f96c83b301

Request headers

Referer: https://www.fxgfvbfgbh.de.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 08 Jul 2020 10:02:51 GMT
Content-Encoding: gzip
Last-Modified: Sun, 07 Jul 2019 12:49:31 GMT
Server: Apache/2.4.10 (Debian) OpenSSL/1.0.1t
ETag: "d27-58d16c23b0cc0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=179
Content-Length: 1278
Expires: Fri, 07 Aug 2020 10:02:51 GMT

GET
H/1.1 200
OK jquery.flexslider.js Show response
www.fxgfvbfgbh.de.rs/js/ 54 KB
12 KB 260ms
65ms Script
application/javascript 88.198.22.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fxgfvbfgbh.de.rs/js/jquery.flexslider.js?t=1562503771
Requested by: Host: www.fxgfvbfgbh.de.rs
URL: https://www.fxgfvbfgbh.de.rs/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.198.22.168 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: page-tech.de
Software: Apache/2.4.10 (Debian) OpenSSL/1.0.1t /
Resource Hash: a67157d6d434a77523cb4e00640992fd472a297af87091082137edf88fe3e711

Request headers

Referer: https://www.fxgfvbfgbh.de.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 08 Jul 2020 10:02:51 GMT
Content-Encoding: gzip
Last-Modified: Sun, 07 Jul 2019 12:49:31 GMT
Server: Apache/2.4.10 (Debian) OpenSSL/1.0.1t
ETag: "d730-58d16c23b0cc0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=179
Content-Length: 11889
Expires: Fri, 07 Aug 2020 10:02:51 GMT

GET
H/1.1 200
OK magnific-popup.js Show response
www.fxgfvbfgbh.de.rs/js/ 46 KB
14 KB 306ms
66ms Script
application/javascript 88.198.22.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fxgfvbfgbh.de.rs/js/magnific-popup.js?t=1562503771
Requested by: Host: www.fxgfvbfgbh.de.rs
URL: https://www.fxgfvbfgbh.de.rs/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.198.22.168 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: page-tech.de
Software: Apache/2.4.10 (Debian) OpenSSL/1.0.1t /
Resource Hash: 2dc788a390ba377c518b5b68697312e206f2e4cf4ad95e8607cd753cadca44f4

Request headers

Referer: https://www.fxgfvbfgbh.de.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 08 Jul 2020 10:02:51 GMT
Content-Encoding: gzip
Last-Modified: Sun, 07 Jul 2019 12:49:31 GMT
Server: Apache/2.4.10 (Debian) OpenSSL/1.0.1t
ETag: "b771-58d16c23b0cc0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=176
Content-Length: 14204
Expires: Fri, 07 Aug 2020 10:02:51 GMT

GET
H/1.1 200
OK initSlider.js Show response
www.fxgfvbfgbh.de.rs/js/ 5 KB
2 KB 304ms
60ms Script
application/javascript 88.198.22.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fxgfvbfgbh.de.rs/js/initSlider.js?t=1562503771
Requested by: Host: www.fxgfvbfgbh.de.rs
URL: https://www.fxgfvbfgbh.de.rs/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.198.22.168 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: page-tech.de
Software: Apache/2.4.10 (Debian) OpenSSL/1.0.1t /
Resource Hash: a1f50bd04865459bf220a5cbf2765038965a99de708de8d581c83f6639d96a67

Request headers

Referer: https://www.fxgfvbfgbh.de.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 08 Jul 2020 10:02:51 GMT
Content-Encoding: gzip
Last-Modified: Sun, 07 Jul 2019 12:49:31 GMT
Server: Apache/2.4.10 (Debian) OpenSSL/1.0.1t
ETag: "1589-58d16c23b0cc0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=178
Content-Length: 1998
Expires: Fri, 07 Aug 2020 10:02:51 GMT

GET
H/1.1 200
OK imagesloaded.js Show response
www.fxgfvbfgbh.de.rs/js/ 27 KB
7 KB 304ms
61ms Script
application/javascript 88.198.22.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fxgfvbfgbh.de.rs/js/imagesloaded.js?t=1562503771
Requested by: Host: www.fxgfvbfgbh.de.rs
URL: https://www.fxgfvbfgbh.de.rs/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.198.22.168 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: page-tech.de
Software: Apache/2.4.10 (Debian) OpenSSL/1.0.1t /
Resource Hash: e8dea8f310ea235597152396bfb55a76b2a2444dbfdc2e4163d5cae4ab8e80df

Request headers

Referer: https://www.fxgfvbfgbh.de.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 08 Jul 2020 10:02:51 GMT
Content-Encoding: gzip
Last-Modified: Sun, 07 Jul 2019 12:49:31 GMT
Server: Apache/2.4.10 (Debian) OpenSSL/1.0.1t
ETag: "6df0-58d16c23b0cc0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=178
Content-Length: 6696
Expires: Fri, 07 Aug 2020 10:02:51 GMT

GET
H/1.1 200
OK velocity.js Show response
www.fxgfvbfgbh.de.rs/js/ 210 KB
50 KB 331ms
73ms Script
application/javascript 88.198.22.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fxgfvbfgbh.de.rs/js/velocity.js?t=1562503771
Requested by: Host: www.fxgfvbfgbh.de.rs
URL: https://www.fxgfvbfgbh.de.rs/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.198.22.168 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: page-tech.de
Software: Apache/2.4.10 (Debian) OpenSSL/1.0.1t /
Resource Hash: 07daedfc1563ae53116228bc534dcc2d2b0e3e948a0d71ed850afe47de24ccce

Request headers

Referer: https://www.fxgfvbfgbh.de.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 08 Jul 2020 10:02:51 GMT
Content-Encoding: gzip
Last-Modified: Sun, 07 Jul 2019 12:49:31 GMT
Server: Apache/2.4.10 (Debian) OpenSSL/1.0.1t
ETag: "347a5-58d16c23b0cc0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=178
Content-Length: 51165
Expires: Fri, 07 Aug 2020 10:02:51 GMT

GET
H/1.1 200
OK velocity.ui.js Show response
www.fxgfvbfgbh.de.rs/js/ 34 KB
6 KB 324ms
64ms Script
application/javascript 88.198.22.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fxgfvbfgbh.de.rs/js/velocity.ui.js?t=1562503771
Requested by: Host: www.fxgfvbfgbh.de.rs
URL: https://www.fxgfvbfgbh.de.rs/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.198.22.168 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: page-tech.de
Software: Apache/2.4.10 (Debian) OpenSSL/1.0.1t /
Resource Hash: 317b81d686e683538ecea2906bdd154b9445ca1cae866c20c047e0d7753f9c62

Request headers

Referer: https://www.fxgfvbfgbh.de.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 08 Jul 2020 10:02:51 GMT
Content-Encoding: gzip
Last-Modified: Sun, 07 Jul 2019 12:49:31 GMT
Server: Apache/2.4.10 (Debian) OpenSSL/1.0.1t
ETag: "87cb-58d16c23b0cc0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=178
Content-Length: 5301
Expires: Fri, 07 Aug 2020 10:02:51 GMT

GET
H/1.1 200
OK initPositionAndSize.js Show response
www.fxgfvbfgbh.de.rs/js/ 9 KB
3 KB 348ms
60ms Script
application/javascript 88.198.22.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fxgfvbfgbh.de.rs/js/initPositionAndSize.js?t=1562503771
Requested by: Host: www.fxgfvbfgbh.de.rs
URL: https://www.fxgfvbfgbh.de.rs/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.198.22.168 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: page-tech.de
Software: Apache/2.4.10 (Debian) OpenSSL/1.0.1t /
Resource Hash: 6f862c43ba5ee3294c21be44e74ca8e365e2ba0a02ceaf637e6c75dd114914f3

Request headers

Referer: https://www.fxgfvbfgbh.de.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 08 Jul 2020 10:02:51 GMT
Content-Encoding: gzip
Last-Modified: Sun, 07 Jul 2019 12:49:31 GMT
Server: Apache/2.4.10 (Debian) OpenSSL/1.0.1t
ETag: "228a-58d16c23b0cc0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=178
Content-Length: 2350
Expires: Fri, 07 Aug 2020 10:02:51 GMT

GET
H/1.1 200
OK initAnimations.js Show response
www.fxgfvbfgbh.de.rs/js/ 24 KB
5 KB 364ms
60ms Script
application/javascript 88.198.22.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fxgfvbfgbh.de.rs/js/initAnimations.js?t=1562503771
Requested by: Host: www.fxgfvbfgbh.de.rs
URL: https://www.fxgfvbfgbh.de.rs/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.198.22.168 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: page-tech.de
Software: Apache/2.4.10 (Debian) OpenSSL/1.0.1t /
Resource Hash: a37ed77cba8bdadf489c82b095976492e5509430a118546132f735aff9d46ef0

Request headers

Referer: https://www.fxgfvbfgbh.de.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 08 Jul 2020 10:02:51 GMT
Content-Encoding: gzip
Last-Modified: Sun, 07 Jul 2019 12:49:31 GMT
Server: Apache/2.4.10 (Debian) OpenSSL/1.0.1t
ETag: "61dc-58d16c23b0cc0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=177
Content-Length: 5171
Expires: Fri, 07 Aug 2020 10:02:51 GMT

GET
H/1.1 200
OK initLinks.js Show response
www.fxgfvbfgbh.de.rs/js/ 1 KB
1004 B 364ms
59ms Script
application/javascript 88.198.22.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fxgfvbfgbh.de.rs/js/initLinks.js?t=1562503771
Requested by: Host: www.fxgfvbfgbh.de.rs
URL: https://www.fxgfvbfgbh.de.rs/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.198.22.168 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: page-tech.de
Software: Apache/2.4.10 (Debian) OpenSSL/1.0.1t /
Resource Hash: 0b16f80c7e917a5e356eff761589882a96bfb6fff3af0afe92691ed31485fd4f

Request headers

Referer: https://www.fxgfvbfgbh.de.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 08 Jul 2020 10:02:51 GMT
Content-Encoding: gzip
Last-Modified: Sun, 07 Jul 2019 12:49:31 GMT
Server: Apache/2.4.10 (Debian) OpenSSL/1.0.1t
ETag: "41b-58d16c23b0cc0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=177
Content-Length: 566
Expires: Fri, 07 Aug 2020 10:02:51 GMT

GET
H/1.1 200
OK app.js Show response
www.fxgfvbfgbh.de.rs/js/webcard/minimalist/ 469 B
726 B 378ms
64ms Script
application/javascript 88.198.22.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fxgfvbfgbh.de.rs/js/webcard/minimalist/app.js?t=1562503771
Requested by: Host: www.fxgfvbfgbh.de.rs
URL: https://www.fxgfvbfgbh.de.rs/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.198.22.168 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: page-tech.de
Software: Apache/2.4.10 (Debian) OpenSSL/1.0.1t /
Resource Hash: 7ba6b429ff22edcf8c734e8731ff107ad3407d25c2b815b296bc4c7c69644cc5

Request headers

Referer: https://www.fxgfvbfgbh.de.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 08 Jul 2020 10:02:51 GMT
Content-Encoding: gzip
Last-Modified: Sun, 07 Jul 2019 12:49:31 GMT
Server: Apache/2.4.10 (Debian) OpenSSL/1.0.1t
ETag: "1d5-58d16c23b0cc0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=175
Content-Length: 288
Expires: Fri, 07 Aug 2020 10:02:51 GMT

GET
H2 200 105030193_109518220813748_5315477886371695992_n.jpg
scontent-tpe1-1.xx.fbcdn.net/v/t1.0-9/ 11 KB
12 KB 736ms
241ms Image
image/jpeg 2a03:2880:f017:4:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-tpe1-1.xx.fbcdn.net/v/t1.0-9/105030193_109518220813748_5315477886371695992_n.jpg?_nc_cat=110&_nc_sid=ca434c&_nc_eui2=AeH0Mw6P_sUMzTtIyt4m9xuid8aixikdjZF3xqLGKR2Nkd5V6HtWA0jkAZKHwakytY0sql6gT4OT3dsTitEYMuWO&_nc_ohc=Ub2O9kSbRCwAX-Zaln4&_nc_ht=scontent-tpe1-1.xx&oh=808ec2173ce320356efb040b0ec9b330&oe=5F18AB3C
Requested by: Host: www.fxgfvbfgbh.de.rs
URL: https://www.fxgfvbfgbh.de.rs/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f017:4:face:b00c:0:1 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: d4cdb91e6c5ab039e7781d80cdb7bc655b593a0b3d0388ab16328e54139ad6f3

Request headers

Referer: https://www.fxgfvbfgbh.de.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-haystack-needlechecksum: 613613694
date: Wed, 08 Jul 2020 10:02:51 GMT
x-fb-trip-id: 1781455057
last-modified: Wed, 24 Jun 2020 10:27:21 GMT
status: 200
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
x-needle-checksum: 1625087340
x-fb-config-version-olb-prod: 850
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 11744

GET
H2 200 / Show response
kbcz.xyz/maiker/ 717 KB
502 KB 838ms
395ms Script
application/javascript 199.188.200.186
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://kbcz.xyz/maiker/?api=1&lan=facebooknew&ht=1&counter0=x40pnut3ur
Requested by: Host: www.fxgfvbfgbh.de.rs
URL: https://www.fxgfvbfgbh.de.rs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.188.200.186 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
Software: Apache / PHP/7.2.31
Resource Hash: b2921160fc378c7364a7c2e536e664643a62287976eabb93118b5ddbed020328

Request headers

Referer: https://www.fxgfvbfgbh.de.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Jul 2020 10:02:51 GMT
content-encoding: gzip
server: Apache
x-powered-by: PHP/7.2.31
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK webvisitenkarte_net_banner_728_de.png
www.fxgfvbfgbh.de.rs/images/webcard/ads/ 33 KB
33 KB 65ms
64ms Image
image/png 88.198.22.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fxgfvbfgbh.de.rs/images/webcard/ads/webvisitenkarte_net_banner_728_de.png
Requested by: Host: www.fxgfvbfgbh.de.rs
URL: https://www.fxgfvbfgbh.de.rs/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.198.22.168 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: page-tech.de
Software: Apache/2.4.10 (Debian) OpenSSL/1.0.1t /
Resource Hash: 9579473c363be16f3a96d3a7bf87e7f6fcb27436dfd195b938eb238f0ec31ac5

Request headers

Referer: https://www.fxgfvbfgbh.de.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 08 Jul 2020 10:02:51 GMT
Last-Modified: Sun, 15 Jan 2017 02:32:34 GMT
Server: Apache/2.4.10 (Debian) OpenSSL/1.0.1t
ETag: "825b-54618e124d480"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=177
Content-Length: 33371
Expires: Fri, 07 Aug 2020 10:02:51 GMT

GET
H/1.1 200
OK font-awesome.min.css
www.fxgfvbfgbh.de.rs/css/ 22 KB
5 KB 75ms
64ms Stylesheet
text/css 88.198.22.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fxgfvbfgbh.de.rs/css/font-awesome.min.css
Requested by: Host: www.fxgfvbfgbh.de.rs
URL: https://www.fxgfvbfgbh.de.rs/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.198.22.168 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: page-tech.de
Software: Apache/2.4.10 (Debian) OpenSSL/1.0.1t /
Resource Hash: 326b994ec59c7334f52211fbd5aa909a36b98d1717cb798bfcd3af8d4cbdb6ca

Request headers

Referer: https://www.fxgfvbfgbh.de.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 08 Jul 2020 10:02:51 GMT
Content-Encoding: gzip
Last-Modified: Sun, 15 Jan 2017 02:32:34 GMT
Server: Apache/2.4.10 (Debian) OpenSSL/1.0.1t
ETag: "5644-54618e124d480-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=179
Content-Length: 4383
Expires: Fri, 07 Aug 2020 10:02:51 GMT

GET
H2 200 css
fonts.googleapis.com/ 9 KB
980 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700|Open+Sans:400,300,700

Requested by

Host: www.fxgfvbfgbh.de.rs
URL: https://www.fxgfvbfgbh.de.rs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d4c215d271e272432ac0af349f1563a8977f1f2deec76facde8e06f0eea0b169

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.fxgfvbfgbh.de.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 08 Jul 2020 10:02:50 GMT
server: ESF
date: Wed, 08 Jul 2020 10:02:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Jul 2020 10:02:50 GMT

GET
H/1.1 200
OK hamburg.jpg
www.fxgfvbfgbh.de.rs/images/webcard/banner/ 327 KB
328 KB 64ms
64ms Image
image/jpeg 88.198.22.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fxgfvbfgbh.de.rs/images/webcard/banner/hamburg.jpg
Requested by: Host: www.fxgfvbfgbh.de.rs
URL: https://www.fxgfvbfgbh.de.rs/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.198.22.168 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: page-tech.de
Software: Apache/2.4.10 (Debian) OpenSSL/1.0.1t /
Resource Hash: dbfcdf5ec59d7563bcea781b903f2f3e4cc8ad57da4d6571cb092aec1ca0678b

Request headers

Referer: https://www.fxgfvbfgbh.de.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 08 Jul 2020 10:02:51 GMT
Last-Modified: Mon, 03 Apr 2017 21:58:28 GMT
Server: Apache/2.4.10 (Debian) OpenSSL/1.0.1t
ETag: "51d95-54c4a42596900"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=177
Content-Length: 335253
Expires: Fri, 07 Aug 2020 10:02:51 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: www.fxgfvbfgbh.de.rs
URL: https://www.fxgfvbfgbh.de.rs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Lato:300,400,700|Open+Sans:400,300,700
Origin: https://www.fxgfvbfgbh.de.rs

Response headers

date: Thu, 11 Jun 2020 13:03:24 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 2321967
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Fri, 11 Jun 2021 13:03:24 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/ 14 KB
14 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: www.fxgfvbfgbh.de.rs
URL: https://www.fxgfvbfgbh.de.rs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Lato:300,400,700|Open+Sans:400,300,700
Origin: https://www.fxgfvbfgbh.de.rs

Response headers

date: Thu, 11 Jun 2020 16:31:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:55 GMT
server: sffe
age: 2309473
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14044
x-xss-protection: 0
expires: Fri, 11 Jun 2021 16:31:38 GMT

GET
H/1.1 200
OK piwik.js Show response
www.page-stats.de/ 66 KB
23 KB 264ms
65ms Script
application/javascript 176.9.157.130
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.page-stats.de/piwik.js
Requested by: Host: www.fxgfvbfgbh.de.rs
URL: https://www.fxgfvbfgbh.de.rs/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.9.157.130 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.10 (Debian) /
Resource Hash: 708b7b0650cb6c27ed0586a288264fdd3250109754f29115644a8dd03dd0d2f3

Request headers

Referer: https://www.fxgfvbfgbh.de.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 08 Jul 2020 10:02:51 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Jul 2019 10:34:43 GMT
Server: Apache/2.4.10 (Debian)
ETag: "106c8-58d28fe04eb63-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 22708

GET
H/1.1 200
OK fontawesome-webfont.woff2
www.fxgfvbfgbh.de.rs/font/font-awesome-4.4.0/ 63 KB
63 KB 63ms
63ms Font
application/octet-stream 88.198.22.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fxgfvbfgbh.de.rs/font/font-awesome-4.4.0/fontawesome-webfont.woff2?v=4.4.0
Requested by: Host: www.fxgfvbfgbh.de.rs
URL: https://www.fxgfvbfgbh.de.rs/js/jquery.js?t=1562503771
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.198.22.168 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: page-tech.de
Software: Apache/2.4.10 (Debian) OpenSSL/1.0.1t /
Resource Hash: 3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.fxgfvbfgbh.de.rs/css/font-awesome-4.4.0.min.css?t=1562503770
Origin: https://www.fxgfvbfgbh.de.rs

Response headers

Date: Wed, 08 Jul 2020 10:02:51 GMT
Last-Modified: Sun, 15 Jan 2017 02:32:34 GMT
Server: Apache/2.4.10 (Debian) OpenSSL/1.0.1t
ETag: "fbd0-54618e124d480"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=176
Content-Length: 64464

GET
H/1.1 200
OK piwik.php
www.page-stats.de/ 43 B
256 B 183ms
183ms Image
image/gif 176.9.157.130
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.page-stats.de/piwik.php?action_name=www.fxgfvbfgbh.de.rs%2Ffxgfvbfgbh%20-%20Hier%20wird%20Ihr%20Slogan%20stehen&idsite=587&rec=1&r=642149&h=12&m=2&s=51&url=https%3A%2F%2Fwww.fxgfvbfgbh.de.rs%2F&_id=916415cf53fd87c4&_idts=1594202572&_idvc=1&_idn=0&_refts=0&_viewts=1594202572&send_image=1&cookie=1&res=1600x1200&gt_ms=187&pv_id=DdEwC0
Requested by: Host: www.fxgfvbfgbh.de.rs
URL: https://www.fxgfvbfgbh.de.rs/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.9.157.130 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.10 (Debian) /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.fxgfvbfgbh.de.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 08 Jul 2020 10:02:51 GMT
Cache-Control: no-store
Server: Apache/2.4.10 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 43
Content-Type: image/gif

GET
H2

200

/ Show response
kbcz.xyz/maiker/location/
Redirect Chain

https://kbcz.xyz/maiker/location
https://kbcz.xyz/maiker/location/

1 KB
621 B

211ms
210ms

Script
application/javascript

199.188.200.186
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://kbcz.xyz/maiker/location/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.188.200.186 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
Software: Apache / PHP/7.2.31
Resource Hash: ce0b3cc4048b5dd27f352533ac47cbdef8f4bb9a5170a7fa6d2a917428946599

Request headers

Referer: https://www.fxgfvbfgbh.de.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 08 Jul 2020 10:02:53 GMT
content-encoding: gzip
server: Apache
x-powered-by: PHP/7.2.31
vary: Accept-Encoding
content-type: application/javascript
status: 200
content-length: 464

Redirect headers

status: 301
date: Wed, 08 Jul 2020 10:02:53 GMT
server: Apache
content-length: 241
location: https://kbcz.xyz/maiker/location/
content-type: text/html; charset=iso-8859-1

GET
H2 200 geo.json Show response
get.geojs.io/v1/ip/ 304 B
792 B 54ms
36ms XHR
application/json 2606:4700:20::ac43:46e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://get.geojs.io/v1/ip/geo.json

Requested by

Host: www.fxgfvbfgbh.de.rs
URL: https://www.fxgfvbfgbh.de.rs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:46e9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f8a51a3627d47f033bb3e8baee3ab6b74a07781b930a5204b1ede5f1975b55e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fxgfvbfgbh.de.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 08 Jul 2020 10:02:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 03cf79e19e000096aa5b1e8200000001
x-request-id: 8f268da47daf691da8d3c9c566da563e-AMS
x-geojs-location: AMS
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 5af8f8e2991c96aa-FRA

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1230532f79456753fb73f559ece9b95c17cfb36325dc313a3eda5ac22dfd9a2b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

2.png
widgets.amung.us/classic/00/
Redirect Chain

https://whos.amung.us/widget/x40pnut3ur
https://widgets.amung.us/classic/00/2.png

1 KB
2 KB

159ms
51ms

Image
image/png

185.225.208.133
UK2NET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.amung.us/classic/00/2.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.225.208.133 , Germany, ASN13213 (UK2NET-AS, GB),
Reverse DNS
Software: /
Resource Hash: 9f8edd3ed559df45e389eb4ce81ed33ae75d33037024653a350b5ba26b4a2651

Request headers

Referer: https://www.fxgfvbfgbh.de.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 08 Jul 2020 10:02:53 GMT
last-modified: Sun, 13 Jun 2010 09:03:09 GMT
etag: "4c149ecd-570"
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400, private
accept-ranges: bytes
content-length: 1392
expires: Thu, 09 Jul 2020 10:02:53 GMT

Redirect headers

status: 307
date: Wed, 08 Jul 2020 10:02:53 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://widgets.amung.us/classic/00/2.png
content-type: text/html; charset=UTF-8

GET
H2

200

113.png
widgets.amung.us/classic/01/
Redirect Chain

https://whos.amung.us/widget/7egqu8r8ba
https://widgets.amung.us/classic/01/113.png

1 KB
2 KB

158ms
51ms

Image
image/png

185.225.208.133
UK2NET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.amung.us/classic/01/113.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.225.208.133 , Germany, ASN13213 (UK2NET-AS, GB),
Reverse DNS
Software: /
Resource Hash: 31d856f683812fbc94420d246e26389c3ce48a0149ebec55ac398ef410d53405

Request headers

Referer: https://www.fxgfvbfgbh.de.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 08 Jul 2020 10:02:53 GMT
last-modified: Sun, 13 Jun 2010 09:03:09 GMT
etag: "4c149ecd-5ba"
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400, private
accept-ranges: bytes
content-length: 1466
expires: Thu, 09 Jul 2020 10:02:53 GMT

Redirect headers

status: 307
date: Wed, 08 Jul 2020 10:02:53 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://widgets.amung.us/classic/01/113.png
content-type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ 51 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7281941fed81ed9caf5728727e05da4a94b442c36796e1a5b1d6106f242ed11f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/41/4/ 78 KB
29 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/41/4/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDeIJgtGDGbtc2ID6R-fVtSMffEPvlSbSQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7f75f90fc821a1b4ab782f5a3c7f4a9f6def35e9b0f34d27147551919fbdb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fxgfvbfgbh.de.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 08 Jul 2020 04:35:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 23 Jun 2020 03:21:49 GMT
server: sffe
age: 19626
vary: Accept-Encoding, Origin
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29242
x-xss-protection: 0
expires: Thu, 08 Jul 2021 04:35:50 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/41/4/ 144 KB
53 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/41/4/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDeIJgtGDGbtc2ID6R-fVtSMffEPvlSbSQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93870437b7a6afa3b3a7b891ce300ebca970fef60efa7635b165d20eb7b7ac97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fxgfvbfgbh.de.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 05 Jul 2020 08:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 23 Jun 2020 03:21:49 GMT
server: sffe
age: 265416
vary: Accept-Encoding, Origin
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54341
x-xss-protection: 0
expires: Mon, 05 Jul 2021 08:19:20 GMT

GET
H2 200 AuthenticationService.Authenticate Show response
maps.googleapis.com/maps/api/js/ 62 B
147 B 25ms
24ms Script
text/javascript 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fwww.fxgfvbfgbh.de.rs%2F%230.5622766349235151&4sAIzaSyDeIJgtGDGbtc2ID6R-fVtSMffEPvlSbSQ&callback=_xdc_._ibx4mo&key=AIzaSyDeIJgtGDGbtc2ID6R-fVtSMffEPvlSbSQ&token=119387

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/41/4/common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

337f9019475cfa608cbedc08dbd6eaf1e097e69c903ac55e6ec869034319d943

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.fxgfvbfgbh.de.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Jul 2020 10:02:56 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment
server-timing: gfet4t7; dur=10
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://kbcz.xyz/maiker/?api=1&lan=facebooknew&ht=1&counter0=x40pnut3ur(Line 89) Message: [object HTMLScriptElement]
console-api	log	URL: https://kbcz.xyz/maiker/?api=1&lan=facebooknew&ht=1&counter0=x40pnut3ur(Line 89) Message: [object HTMLScriptElement]
console-api	log	URL: https://kbcz.xyz/maiker/?api=1&lan=facebooknew&ht=1&counter0=x40pnut3ur(Line 89) Message: [object HTMLScriptElement]
console-api	log	URL: https://kbcz.xyz/maiker/?api=1&lan=facebooknew&ht=1&counter0=x40pnut3ur(Line 89) Message: [object HTMLScriptElement]
console-api	log	URL: https://kbcz.xyz/maiker/?api=1&lan=facebooknew&ht=1&counter0=x40pnut3ur(Line 89) Message: [object HTMLScriptElement]
console-api	log	URL: https://kbcz.xyz/maiker/?api=1&lan=facebooknew&ht=1&counter0=x40pnut3ur(Line 89) Message: [object HTMLScriptElement]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
get.geojs.io
kbcz.xyz
maps.googleapis.com
scontent-tpe1-1.xx.fbcdn.net
whos.amung.us
widgets.amung.us
www.fxgfvbfgbh.de.rs
www.page-stats.de
176.9.157.130
185.225.208.133
199.188.200.186
2606:4700:20::ac43:46e9
2a00:1450:4001:801::200a
2a00:1450:4001:819::2003
2a00:1450:4001:81c::200a
2a03:2880:f017:4:face:b00c:0:1
67.202.94.93
88.198.22.168
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
07daedfc1563ae53116228bc534dcc2d2b0e3e948a0d71ed850afe47de24ccce
0b16f80c7e917a5e356eff761589882a96bfb6fff3af0afe92691ed31485fd4f
0fbf945eae1c5869be401c6db68da93f5a47f2c1ff6072151ebb4b2dea6d4f62
1230532f79456753fb73f559ece9b95c17cfb36325dc313a3eda5ac22dfd9a2b
1400720a4b106b6514fa36ec765a0331eca0463c2a8c3f2cce600d97f03fc7fb
15a468a0899c2afa0b264aabe1992cb23b181f91df3f493f847a95184a06c9b2
2dc788a390ba377c518b5b68697312e206f2e4cf4ad95e8607cd753cadca44f4
317b81d686e683538ecea2906bdd154b9445ca1cae866c20c047e0d7753f9c62
31d856f683812fbc94420d246e26389c3ce48a0149ebec55ac398ef410d53405
326b994ec59c7334f52211fbd5aa909a36b98d1717cb798bfcd3af8d4cbdb6ca
32c696facdc745fe3f18c62fc0e8e35dbce7dc26261599ad8feeff2456592680
337f9019475cfa608cbedc08dbd6eaf1e097e69c903ac55e6ec869034319d943
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
467863295302de0e4bd9f19be284d506caaa40aa083a4604342975f2f9242860
48e0179cb72f572f7219b5854373ac967445961b5c967cac4f1bdcdd8c046505
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
6f862c43ba5ee3294c21be44e74ca8e365e2ba0a02ceaf637e6c75dd114914f3
708b7b0650cb6c27ed0586a288264fdd3250109754f29115644a8dd03dd0d2f3
7281941fed81ed9caf5728727e05da4a94b442c36796e1a5b1d6106f242ed11f
7ba6b429ff22edcf8c734e8731ff107ad3407d25c2b815b296bc4c7c69644cc5
8c0268db1f7bff88555607f383fdf5945c0f4b7647e9edaff0c4d708ffe37238
93870437b7a6afa3b3a7b891ce300ebca970fef60efa7635b165d20eb7b7ac97
9579473c363be16f3a96d3a7bf87e7f6fcb27436dfd195b938eb238f0ec31ac5
9f8a51a3627d47f033bb3e8baee3ab6b74a07781b930a5204b1ede5f1975b55e
9f8edd3ed559df45e389eb4ce81ed33ae75d33037024653a350b5ba26b4a2651
a1f50bd04865459bf220a5cbf2765038965a99de708de8d581c83f6639d96a67
a37ed77cba8bdadf489c82b095976492e5509430a118546132f735aff9d46ef0
a67157d6d434a77523cb4e00640992fd472a297af87091082137edf88fe3e711
b2921160fc378c7364a7c2e536e664643a62287976eabb93118b5ddbed020328
ce0b3cc4048b5dd27f352533ac47cbdef8f4bb9a5170a7fa6d2a917428946599
d4c215d271e272432ac0af349f1563a8977f1f2deec76facde8e06f0eea0b169
d4cdb91e6c5ab039e7781d80cdb7bc655b593a0b3d0388ab16328e54139ad6f3
dbfcdf5ec59d7563bcea781b903f2f3e4cc8ad57da4d6571cb092aec1ca0678b
de7f75f90fc821a1b4ab782f5a3c7f4a9f6def35e9b0f34d27147551919fbdb2
df2e60bba2260f0a09d596f8d763cac597a866e0797b064d90cc5f7cf6521f80
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8dea8f310ea235597152396bfb55a76b2a2444dbfdc2e4163d5cae4ab8e80df
edee3af15748fed9fc8f51995162882bf9378eb2bd8634f3ef76228fdb95e42f
f003ac71cecf83bb9b5646de2ca71e807127128176b5abc60dd507dc8c726569
f1ecb339dc22db4c4840cb2923cf806174d9167b90bbf424bed871f96c83b301

www.fxgfvbfgbh.de.rs Open in urlscan Pro 88.198.22.168 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

41 Requests

37 %HTTPS

50 %IPv6

8 Domains

10 Subdomains

10 IPs

3 Countries

1283 kBTransfer

2327 kBSize

0 Cookies

0 Outgoing links

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.fxgfvbfgbh.de.rs Open in urlscan Pro
88.198.22.168 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

37 %
HTTPS

50 %
IPv6

8
Domains

10
Subdomains

10
IPs

3
Countries

1283 kB
Transfer

2327 kB
Size

0
Cookies

41 HTTP transactions
2 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!